bito-code-review[bot] commented on code in PR #41120:
URL: https://github.com/apache/superset/pull/41120#discussion_r3423402310
##########
superset/config.py:
##########
@@ -1872,6 +1872,20 @@ def engine_context_manager( # pylint:
disable=unused-argument
"pg_read_file",
"pg_ls_dir",
"pg_read_binary_file",
+ # PostgreSQL large-object functions: writers can plant arbitrary
+ # bytes on the server filesystem (lo_export, lo_from_bytea, lowrite,
+ # lo_put, lo_create, lo_import), readers can pull bytes back out
+ # (lo_get, loread), and lo_unlink deletes large objects outright.
+ # Defense-in-depth on top of is_mutating()'s function-name check.
+ "lo_from_bytea",
+ "lo_export",
+ "lo_import",
+ "lo_put",
+ "lo_create",
+ "lowrite",
+ "lo_get",
+ "loread",
+ "lo_unlink",
Review Comment:
<!-- Bito Reply -->
The suggestion to add 'lo_creat' to the
DISALLOWED_SQL_FUNCTIONS['postgresql'] set is appropriate. Including this alias
ensures consistent security coverage, as 'lo_creat' is a functional equivalent
to 'lo_create' and should be blocked to prevent potential misuse of PostgreSQL
large-object functions.
**superset/config.py**
```
"lo_create",
+ "lo_creat",
"lowrite",
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
